Recently Microsoft announced the general availability of a very anticipated feature in Intune:Manage Windows driver and firmware updates with Microsoft Intune – Microsoft Community Hub Check out the Microsoft blog post above for information about what it is and how it works. More details about the feature, its prerequisites and how it works can be…
Category: Intune
Windows Servicing, Personal Teams and Success.cmd
Time to share how I am using Success.cmd to add the registry key to prevent Personal Teams. I think that the possibility to run commands when doing feature updates is used way too little. We have the option to use SetupConfig.ini as well with Intune, Configuration Manager and Standalone of that is what we want…
Windows MDM Security Baseline – Settings Catalog
Important Update! I published a new export to solve import issues but that export missed the following so if you download that export update it with the following changes to match the Security Baseline: I wrote a post a couple of weeks ago with the Microsoft Edge Security Baseline policy re-created in Settings catalog. I…
Configuring MS Edge Security Baseline v107 using Settings Catalog
The Security baseline in Intune is based on the Security Baseline for Edge v85.. We are currently on Edge baseline 107 (no new recommended settings for 108 & 109). That is only one reason for creating you own Edge Security baseline using Settings Catalog instead. More reasons are that it is easier to troubleshoot and…
Configuring Desktop App Installer using CSP and script?!
Desktop App installer a.k.a. Windows Package Manager and Winget is a powerful addition to the Windows platform. It is also something that we all need to learn and configure according to our organization’s requirements, compliance requirements and security. The “New” Store support in Intune makes this a bit trickier as well as we must allow…
Customizing Taskbar and Start in Windows 11 22h2 with PowerShell
In Windows 11 22H2 we have some great new options for the Start Menu layout which I really like, More Pins or More recommendations. There is no builtin way to configure the default for the end-user with which Start Menu layout to use. We get a lot of questions from end-users that they would like…
Switch to Private Firewall profile on AAD joined when connected to specific network.
One of the biggest differences there is between supporting an ADD joined Windows devices compared to On-premise is the Domain firewall profile. When a AD joined device are connected to the domain network it switches to a domain firewall profile where we can have management ports open. Administrative shares, WinRM, Remote Registry and much more…
Installing updates during OSD using PSWindowsUpdate
When we move workloads to Intune in our Co-Management scenarios we lose some features we have been using and need to go back to basic. In this short post we will install updates during OSD using the PSWindowsUpdate module which is great. When we moved the Windows Update workload and uninstalled WSUS we need another…